Family: Web Servers --> Category: infos
Apache mod_access rule bypass Vulnerability Scan
Vulnerability Scan Summary
Checks for Apache mod_access Rule Bypass Vulnerability
Detailed Explanation for this Vulnerability Test
The target is running an Apache web server that may not properly handle
access controls. In effect, on big-endian 64-bit platforms, Apache
fails to match allow or deny rules containing an IP address but not a
***** Nessus has acertaind the vulnerability exists only by looking at
***** the Server header returned by the web server running on the target.
***** If the target is not a big-endian 64-bit platform, consider this a
***** false positive.
Additional information on the vulnerability can be found at :
Solution : Upgrade to Apache version 1.3.31 or newer.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.